25 Terminal Tips Every Mac User Should Know

Mac Security, Terminal Style

The Unix command line is where many (if not most) of OS X’s security practices were born — and it’s still the place to go to lock down files, resolve system conflicts, and erase your tracks. After all, UNIX gives the Mac it's strong security foundation, and provides the basis for the Terminal command line.

10. Compress and Password-protect a File or Folder

Password-protected archives can’t be expanded by the Finder, a limitation that adds another layer of hassle, er, security.

The Finder can make ZIP archives from files and folders in one click from the File menu or the right-click contextual menu. When security is an issue, the Terminal’s zip command supersedes that with its ability to encrypt archived files and folders. The encryption standard is relatively weak by military or industrial standards, but it should be more than enough to defeat a nosy boss or family member.

To create an encrypted archive from a folder in the current directory, execute the following command:

zip -re archiveName name/of/folder

In the above command, replacing name/of/folder with the path and name of the folder you’d like to compress and archiveName with the name you’ve chosen for the zipped file. To retrieve the contents of an encrypted archive, execute unzip archiveName.

11. Fix File Permissions

In a multiuser system such as OS X, file permissions ensure privacy and security. Now and again, though, they can cause problems, especially when different users are swapping things through a shared folder on the same machine. If the permissions controls in the File Info dialog fail to resolve a problem, chmod and chown are certain to.

Generally, chmod is used to assign role-based permissions for users other than the owner. To ensure that anyone can open and modify a file, execute this command:

sudo chmod 777 path-to-file

Replace path-to-file with the actual file path and name of the file, which you can generate automatically by dragging a file from the Finder window into the Terminal window. When run, this command assigns full permissions to anyone who uses that machine, which is bad for security but good for convenience.

For more limited permissions, execute this command instead of the one above:

sudo chmod 644 path-to-file

Using this second command allows anyone to access and open the file, but only the file’s owner can modify it. To modify permissions on a folder and all of its contents, add the -R option after the command name.

Chown, on the other hand, assigns ownership of a file to particular user. If a file you’ve copied from someone else’s account refuses you access, execute the following command:

sudo chown your-short-user-name path-to-file

12. Securely Erase Free Space on Your Mac

It may sound strange, but deleted files aren’t actually deleted. Emptying the trash merely tells the operating system to mark the space as available, without actually removing the data that occupies that space on the drive. When new data needs the space, it writes over the old data, but until then, anyone with the right software can still recover the original data, and sometimes this recovery can still happen long after you've actually emptied the Trash on your Mac.

You can get the name of your drive by using the following two basic commands to look up the available system drives:

cd /Volumes/

ls

This will list the available drives, which you can copy and paste into the above command for the "name-of-drive" path.

diskutil is the command line equivalent of using the Disk Utility application on your Mac (located in /Applications/Utilities).

The utility will write to each drive sector 35 times, using a special algorithm. Thirty-five passes is well above the U.S. Department of Defense’s own standard for erasing data, which requires only seven passes for wiping data from a drive.

Note that with large capacity drives, this process may take a long time (perhaps days) to complete due to the capacity and work that needs to take place to do a 35-pass wipe of the data.

13. A Note About Sudo

Note that chmod, chown, and several other commands in this tutorial are running under sudo, which requires an administrator’s password before executing the proceeding command.

Sudo is a super user account that is built into UNIX-based systems, and because it executes commands as the administrator, overriding the system’s usual warnings and precautions, you should be extremely careful when using this command.

Be extremely cautious with this. If sudo tells the system to erase the entire hard drive, for example, the system will happily do it, no questions asked. You should always double-check what you've typed when performing a sudo command. The commands using sudo in these tutorials are relatively safe, but you can get into trouble if you don't know what you are doing here.

I'm trying to connect to a remote computer (tip #13) and so far, typing in the password has been an issue. Firstly, each time I type in the password, nothing comes up. It's as if my keyboard died. And secondly, I may have been following the instructions wrong since I'm still new to Terminal and haven't gotten used to all the terminology and commands e.g. what's the difference between remote and local? Anyways, I seem to have done them all right since I got through every step but the password bit. Please help!

P.S. I read somewhere that the password is a 'ghost' and that I have to type it blindingly. I know the password, tried typing it, failed.

I used the script "rsync -auE --progress ~ /Volumes/name-of-drive/name-of-backup-folder" to back up my home folder and named it "MyHome Backup". It apparently worked just fine, but I was just wondering where it put it ?

Apple is been always known for the security and the Application.By default,the Terminal targets your Home directory folders are called directories in Terminal-speak. You can move to different directories by executing the command cd path-to-directory.

Apple has the tremendous impact for the application and the security.The Terminal application is Apple’s implementation of a traditional Unix command-line environment, also called a shell. Keep in mind, though, that Unix shells come in many different flavors.

A triathlon is divided into three components: swimming, cycling and running. This can be daunting for novices and those trying a triathlon for the first time. Novice triathlon training should focus on learning how mixing these three separate sports have an effect on your body.
triathlon training programs

I'm ready to ssh into another Mac (or pc) on my home network, how do I discover their IP addresses without getting up out of my chair? I know that I can walk around the house and look in the Network Prefs to learn the IP address but I want to do it remotely. In my old Linksys router there was a panel in the web admin control screen showing the IP addresses of all the clients on my network. I don't see this in the Airport Utility for my new Time Capsule.

sudo !!
This reexecutes the last command entered as root. Great for when you get pesky 'Permission Denied' errors

A mac exclusive! When you have a file in the finder that you want to do something with, you can just drag it into terminal and it will put the path (the file's location) to that file where your cursor is.

Having trouble deleting a large amount of stuff from trash or taking too long to do the 'preparing to delete' thing? Try:

I executed this command "diskutil secureErase freespace 3 /Volumes/Macintosh\ HD" and it's running the erase but it seems to have doubled the contents of the HD, if only temporarily. Is this normal cause there's like Zero room left on my HD? Will it go away after the erase is complete? I just backed up w/ time machine on an external so I'm not super worried, but I'd just like to know what's going on.

Re: SSH
So now that I'm ready to ssh into another Mac (or pc) on my home network, how do I discover their IP addresses without getting up out of my chair? I know that I can walk around the house and look in the Network Prefs to learn the IP address but I want to do it remotely. In my old Linksys router there was a panel in the web admin control screen showing the IP addresses of all the clients on my network. I don't see this in the Airport Utility for my new Time Capsule.

Hi,Just a quick note about Ctrl-Z. When you use Ctrl-Z to stop a job or process that is running, it doesn't "kill" that process, just interrupts it and makes it wait. This is actually quite handy at times, because you have some job control you can do afterward:1) run the "jobs" command to see a list of jobs you've got waiting.2) run the "fg %#" command to bring a command back to active from the jobs list (use the number instead of the pound symbol).3) run the "bg %#" command to let a job run in the background (great for calculations and tasks that don't have much output!).4) run the "kill %#" command to kill the job.Be sure to put the percent symbol before the jobs list number, especially with the kill command, otherwise, it will use the process id (run "ps auxw" to see a list of all processes).Cheers,Andrew

Very good tips to follow. I am sure that a lot of people didn't know about these things when it comes to using Mac. I am grateful that you thought about us and put this information in this post for us.

I'm relieved to see you corrected the "key" on the image in tip #3 as printed in this issue of the magazine, which was grossly incorrect. Now just change #15 to use Ctrl-C to stop ping, instead of Ctrl-Z (not Command-Z) which just suspends a command instead of stopping it. Yes, the picture says "Stopped", but it's still running. Type "fg" after hitting Ctrl-Z and you'll be taken right back to the ping. Same Ctrl-Z foolishness on #17.

What a very timely article (for me at least!). I was just looking into this... It is always a hassle setting up a new computer, it would be nice if I could just run a script that would configure some/most of my system for me. I've found some commands that looked promising but ran into a few road blocks... I went to my local Apple Store and there the Genius told me that they didn't do Unix! That sucks. Here what I have so far:I randefaults read com.apple.finder DesktopViewOptions{ IconViewOptions = { ArrangeBy = none; BackgroundFlags = 0; BackgroundType = DefB; FontSize = 12; GridSpacing = 73; IconSize = 48; PropertiesLocation = botm; ShowPreviewIcon = 1; ViewMoreInfo = 0; };}I could reset the icon size or the font size or the grid spacing but not all three of them at once by using one of the following:defaults write com.apple.finder DesktopViewOptions -dict IconSize -integer 32;defaults write com.apple.finder DesktopViewOptions -dict FontSize -integer 11;defaults write com.apple.finder DesktopViewOptions -dict GridSpacing -integer 40;killall FinderI'd like to do something along the lines of:defaults write com.apple.finder DesktopViewOptions { IconViewOptions = { FontSize = 11; GridSpacing = 40; IconSize = 32; };}But this does not work. Any ideas?

What a very timely article (for me at least!). I was just looking into this... It is always a hassle setting up a new computer, it would be nice if I could just run a script that would configure some/most of my system for me. I've found some commands that looked promising but ran into a few road blocks... I went to my local Apple Store and there the Genius told me that they didn't do Unix! That sucks. Here what I have so far:I randefaults read com.apple.finder DesktopViewOptions{ IconViewOptions = { ArrangeBy = none; BackgroundFlags = 0; BackgroundType = DefB; FontSize = 12; GridSpacing = 73; IconSize = 48; PropertiesLocation = botm; ShowPreviewIcon = 1; ViewMoreInfo = 0; };}I could reset the icon size or the font size or the grid spacing but not all three of them at once by using one of the following:defaults write com.apple.finder DesktopViewOptions -dict IconSize -integer 32;defaults write com.apple.finder DesktopViewOptions -dict FontSize -integer 11;defaults write com.apple.finder DesktopViewOptions -dict GridSpacing -integer 40;killall FinderI'd like to do something along the lines of:defaults write com.apple.finder DesktopViewOptions { IconViewOptions = { FontSize = 11; GridSpacing = 40; IconSize = 32; };}But this does not work. Any ideas?

And lest some users are thinking this is too uber-geeky for mere mortals such as themselves, it's worth mentioning that highlighted text from any text document can be dragged right into an open terminal window. If anyone were uncomfortable typing directly in Terminal, they could save a document of their favorite commands and just drag 'em over. Easy.